Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2022/12/01 7:46 p.m.•72 views

USN-5757-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

7.8CVSS6.8AI score0.02211EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/12/01 6:26 p.m.•72 views

USN-5756-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

7.8CVSS6.9AI score0.02211EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/10/27 1:0 p.m.•72 views

USN-5704-1: DBus vulnerabilities

It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...

6.5CVSS6.6AI score0.0131EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/10/19 10:6 p.m.•72 views

USN-5692-1: Linux kernel vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

8.8CVSS7.3AI score0.03763EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/09/21 3:39 p.m.•72 views

USN-5626-2: Bind vulnerabilities

USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker...

7.5CVSS6.8AI score0.02299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/08 7:1 p.m.•72 views

USN-5603-1: Linux kernel (Raspberry Pi) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the virtual terminal driver in the...

6.8CVSS7.1AI score0.00537EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/07/13 8:16 p.m.•72 views

USN-5516-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...

7.8CVSS7.8AI score0.01527EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/07/04 11:32 a.m.•72 views

USN-5501-1: Django vulnerability

It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information...

9.8CVSS7AI score0.73274EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/05/30 1:55 p.m.•72 views

USN-5453-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.3AI score0.02484EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/30 11:17 a.m.•72 views

USN-5452-1: NTFS-3G vulnerability

It was discovered that NTFS-3G was incorrectly validating NTFS metadata in its ntfsck tool by not performing boundary checks. A local attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

7.8CVSS7.6AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/24 2:21 p.m.•72 views

USN-5432-2: libpng vulnerabilities

USN-5432-1 fixed vulnerabilities in libpng. This update provides the corresponding updates for libpng1.6. Original advisory details: It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted...

9.8CVSS6.8AI score0.04113EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/19 2:7 p.m.•72 views

USN-4961-2: pip vulnerability

USN-4961-1 fixed a vulnerability in pip. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Original advisory details: It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use...

5.7CVSS7.4AI score0.01687EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/18 1:6 p.m.•72 views

USN-5428-1: libXrandr vulnerabilities

Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7947, CVE-2016-7948...

9.8CVSS8.6AI score0.03629EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/18 1:55 p.m.•72 views

USN-5151-1: Mailman vulnerabilities

It was discovered that Mailman incorrectly handled certain URL. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-43331 It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

6.5CVSS7.2AI score0.01284EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2020/12/09 4:46 p.m.•72 views

USN-4665-2: curl vulnerabilities

USN-4665-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to tric...

7.5CVSS6.8AI score0.09917EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/12/07 3:14 p.m.•72 views

USN-4656-2: X.Org X Server vulnerabilities

USN-4656-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to...

7.8CVSS7.4AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/12/01 4:8 p.m.•72 views

USN-4656-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges...

7.8CVSS7.4AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/10 12:10 p.m.•72 views

USN-4624-1: libexif vulnerability

It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code...

9.8CVSS8.5AI score0.03189EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/17 7:26 p.m.•72 views

USN-4399-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2020-8618 It was discovered that Bind incorrectly handled certain asterisk characters in zone files....

4.9CVSS6.5AI score0.02088EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/16 1:12 p.m.•72 views

USN-4396-1: libexif vulnerabilities

It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-0093, CVE-2020-0182 It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote...

9.1CVSS7.2AI score0.04262EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/09 5:44 p.m.•72 views

USN-4386-1: libjpeg-turbo vulnerability

It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information...

8.1CVSS6.8AI score0.03178EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/29 2:14 p.m.•72 views

USN-4347-1: WebKitGTK vulnerability

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS6.9AI score0.04017EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/26 1:56 p.m.•72 views

USN-4278-3: Firefox regressions

USN-4278-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/10/08 10:17 p.m.•72 views

USN-4150-1: Thunderbird vulnerabilities

It was discovered that encrypted S/MIME parts in a multipart message can leak plaintext contents when included in a HTML reply or forward in some circumstances. If a user were tricked in to replying to or forwarding a specially crafted message, an attacker could potentially exploit this to obtain...

9.3CVSS7.5AI score0.0216EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/06 5:17 p.m.•72 views

USN-4087-1: BWA vulnerability

It was discovered that Burrows-Wheeler Aligner BWA mishandled certain crafted .alt files. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code...

10CVSS8.7AI score0.0291EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/30 4:38 p.m.•72 views

USN-3961-1: Dovecot vulnerabilities

It was discovered that the Dovecot Submission login service incorrectly handled certain operations. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service...

7.5CVSS8AI score0.02525EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/16 5:16 p.m.•72 views

USN-3658-3: procps-ng vulnerabilities

USN-3658-1 fixed a vulnerability in procps-ng. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibl...

7.5CVSS6.5AI score0.09081EPSS
Exploits7
Ubuntu
Ubuntu
•added 2018/08/16 12:57 p.m.•72 views

USN-3743-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS6.8AI score0.03115EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/24 2:27 a.m.•72 views

USN-3630-2: Linux kernel (HWE) vulnerability

USN-3630-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did...

5.5CVSS6.3AI score0.00412EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/13 2:28 p.m.•72 views

USN-3595-1: Samba vulnerabilities

Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. CVE-2018-1057 It was discovered that...

8.8CVSS7AI score0.10308EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/02/08 3:38 p.m.•72 views

USN-3563-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled certain web scripts. An attacker could possibly use this to inject arbitrary code...

6.1CVSS7.3AI score0.04599EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/02/07 6:43 p.m.•72 views

USN-3562-1: MiniUPnP vulnerabilities

It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library...

7.8CVSS7.7AI score0.00466EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/12/06 6:58 a.m.•72 views

USN-3505-1: Linux firmware vulnerabilities

Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. CVE-2017-13080, CVE-2017-13081...

5.3CVSS7.2AI score0.02285EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/31 6:10 p.m.•72 views

USN-3471-1: Quagga vulnerabilities

Andreas Jaggi discovered that Quagga incorrectly handled certain BGP UPDATE messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service. CVE-2017-16227 Quentin Young discovered that Quagga incorrectly handled memory in the telnet vty CLI. A...

7.8CVSS7.1AI score0.18803EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/21 4:45 p.m.•72 views

USN-3426-1: Samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a machine-in-the-middle attack. CVE-2017-12150 Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote...

7.4CVSS6.6AI score0.13228EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/18 11:26 p.m.•72 views

USN-3423-1: Linux kernel vulnerability

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash...

8CVSS7.2AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/08/17 9:24 p.m.•72 views

USN-3391-3: Firefox regression

USN-3391-1 fixed vulnerabilities in Firefox. The update introduced a performance regression with WebExtensions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a...

7.5AI score0.13697EPSS
Exploits25References1
Ubuntu
Ubuntu
•added 2017/08/14 7:30 p.m.•72 views

USN-3389-2: GD vulnerability

USN-3389-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: A vulnerability was discovered in GD Graphics Library aka libgd, as used in PHP that does not zero colorMap arrays before use. A specially crafte...

6.5CVSS6.6AI score0.03418EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/06/22 5:19 a.m.•72 views

USN-3334-1: Linux kernel (Xenial HWE) vulnerability

USN-3328-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the stack guard page for processes in the Linux kernel was not...

7.4CVSS7.7AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/03/29 10:37 p.m.•72 views

USN-3250-1: Linux kernel vulnerability

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service system crash or execute arbitrary code with administrative privileges...

7.8CVSS7.3AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/03/13 4:58 p.m.•72 views

USN-3229-1: Python Imaging Library vulnerabilities

It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. CVE-2014-9601 Cris Neckar discovered that the Python...

7.8CVSS7.1AI score0.05426EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 7:56 p.m.•72 views

USN-3160-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3160-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. CAI Qian discovered that shared bind mounts in a mount namespace exponentially added...

5.5CVSS6.2AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/30 6:24 p.m.•72 views

USN-3144-1: Linux kernel vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges...

7.8CVSS6.5AI score0.0043EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/09/21 9:29 p.m.•72 views

USN-3085-1: GDK-PixBuf vulnerabilities

It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash,...

9.3CVSS7.4AI score0.03868EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/09/19 6:49 p.m.•72 views

USN-3084-1: Linux kernel vulnerabilities

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. CVE-2016-6136 It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did...

6.5CVSS6.4AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/09 9:43 p.m.•72 views

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kerne...

7.8CVSS7.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/04/18 12:16 p.m.•72 views

USN-2950-1: Samba vulnerabilities

Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a machine-in-the-middle attack, or possibly execute arbitrary code. CVE-2015-5370 Stefan...

7.5CVSS7.1AI score0.3693EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/04/06 7:53 a.m.•72 views

USN-2949-1: Linux kernel (Vivid HWE) vulnerabilities

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...

10CVSS7.4AI score0.14281EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/21 6:5 p.m.•72 views

USN-2937-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

6.8CVSS7.3AI score0.10946EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/12/19 12:7 p.m.•72 views

USN-2852-1: Linux kernel (Raspberry Pi 2) vulnerability

Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace...

7CVSS7.2AI score0.00398EPSS
Exploits0
Total number of security vulnerabilities5000